In order to handle ever diversifying risks existing both within and outside of the company, the Kyocera Document Solutions Group has developed a Risk Management System and we work to forecast and prevent risks which may occur, as well as strive to minimize loss if a risk does occur.
To cope with ever more complex global risks, we are working to strengthen risk management throughout our entire group. Efforts are being made, centered on the Risk Management Department, to gather information and take countermeasures beforehand for risks which may impact trust in our group or business continuity. These risks include large-scale disasters, environmental problems, information leaks and unfair labor practices or violation of human rights in the supply chain.
• Management System Diagram
The risk management system of our corporate group operates under the President, who is the Chief Risk Management Officer, and is comprised of a full-time Risk Management Committee Chairperson, Risk Management Committee Members, who serve as department heads, risk management officers selected by the said Committee Members, and the Risk Management Secretariat. We have developed a system to enable prompt response by the Risk Management Department and other related departments if a major event occurs or there are concerns that such an event may occur.
We have established internal company regulations such as management rules for important laws and regulations and the Crisis Management Manual, which is designed to provide measures for emergencies and minimize losses, and we make these regulations available to all employees.
Within our group, we are strengthening efforts to achieve continuous action for disaster prevention and ensure business continuity so that we can continue to supply products and services to customers. In Japan, we are strengthening our initial response system in case of a large-scale earthquake or disaster, and developing a system which can stably supply products and services even if there are adverse effects on production due to factors such as interruption of electric power supply, and damage to production equipment.
*Business Continuity Plan: Plan to set the measures to prevent interruption of important operations when the risks like disaster occur.
Our group strives to use information assets effectively and efficiently. We do this by clarifying the basic rules to be observed, and developing a management system, for situations where employees and other concerned parties handle information assets.
Thorough management of information such as technical information and private information is an important obligation in the realm of living up to corporate social responsibilities.
We have established a Core Information Security Policy and Core Private Information Protection Policy and continues to thoroughly manage information handling.
Our group has established a Digital Information Security Committee chaired by the President, and we are implementing measures such as periodic employee education, control of carrying information devices off company premises and strengthening of e-mail security, globally. We are also working to strengthen our system through periodic audits carried out by our legal audit department and IT department.
As a member of the Kyocera Group, Kyocera Document Solutions has established Kyocera Employee Action Guidelines as a code for employees, and we abide by all relevant laws inside and outside Japan. Our group works to ensure legal compliance in all our operations through efforts such as management by the department in charge of each respective law, development of an in-house notification system for when new laws come into effect or existing laws are revised and implementation of periodic legal audits.
In order to ensure compliance with new laws and revised laws, the law investigation department provides notifying information regarding new and revised laws to each department and the legal audit department audits the status of law and ordinance observance in each section regularly.
Each department carries out a legal self-audit by following a legal checklist, and the legal audit department periodically carries out a legal audit of each department. In this way, our compliance system is constantly maintained and improved.
Results in FY2017
|Target number of headquarters||Target number of sections||Target number of laws and regulations|
(From FY2018, Legal self-audit will be abolished, and audits will be operated with a new audit system which focuses on the operational process.)
To ensure compliance with the law in import and export transactions, we maintain a system to cope with laws such as the Foreign Exchange and Foreign Trade Act and the Customs Act.
To ensure secure export control as stipulated in the Foreign Exchange and Foreign Trade Act, we carry out control based on Kyocera Document Solutions Secure Export Control Regulations.
For import and export, we have acquired specified exporter and specified importer authorization from customs authorities, and conduct importing and exporting procedures pursuant to the control rules for business related to trading. We carry out secure export control and internal auditing of trade control, and have confirmed that the system is being properly maintained.
As part of our social responsibility, our group is working to ensure conscientious protection of private information obtained from stakeholders in the course of our business activities. Our group has established a Core Private Information Protection Policy, clarified the purposes of using private information, and specified the contact for inquiries. With our employees, we are working to achieve careful management throughout our operations by providing education on the handling of private information. We also established a management system for specific private information ("My Number").
A management system about certain personal information (individual number) is also established.
Our group has developed a management system to prevent insider trading and is working to ensure all employees are aware of the issue. We have established Rules to Prevent Insider Trading, put in place an internal information management system and established restrictions on buying and selling stocks. Also, to ensure that employees are aware of the issue, we have prepared a Guide for Prevention of Insider Trading and posted it on our in-house portal.
In the Kyocera Employee Action Guidelines which serve as a code for employees in carrying out their day-to-day work, we promote company-wide awareness by explicitly indicating that we must "combat anti-social forces with a resolute attitude based on the law".
In addition, in dealings with partners and suppliers, we stipulate an exclusion clause regarding anti-social forces in business contracts.
As part of our efforts to enhance compliance, we conduct compliance education with content organized by level and specific law. Every year, we conduct compliance education for new employees and education on relevant laws and regulations in each department (e.g., the Antimonopoly Act, laws relating to secure export control and laws relating to customs).
In the Kyocera Group, we have established an internal notification system to answer questions and discuss issues raised by employees, and enable reporting of conduct violating (or posing a risk of violating) laws, in-house rules or other norms relating to human rights, labor practices, occupational safety and health, the environment and fair trading. We have clarified efforts such as protection of personal privacy, and on that basis we consult with employees directly by telephone, e-mail and other means. We investigate and confirm the content of these discussions by enlisting the cooperation of relevant departments, and take measures to correct problems and prevent their recurrence.